tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
13,380 Commits 7 Branches 18 Tags 96 MiB
Commit Graph

79 Commits

Author SHA1 Message Date
bagajjal 9230781e2e Merge upstream V8_6 2021-04-21 11:30:22 -07:00
djm@openbsd.org 31d8d231eb upstream: highly polished whitespace, mostly fixing spaces-for-tab 
and bad indentation on continuation lines. Prompted by GHPR#185

OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
 2021-04-03 17:23:02 +11:00
Balu Gajjala e2287c5cfa openssh-8.5 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEcWi5g4FaXu9ZpK39Kj9BTnNgYLoFAmA+KckACgkQKj9BTnNg
 YLoCExAAqxi83JFNUj+D0HdfM/eKas8dGtCXFzxtOA0yomKeeDUVoz1D96CdNLF8
 07mL78KAMErN2SfXEyzpS/2yoGa8wPflne/ADWJVIGKZK9cj8/fwvMrCUWp9PJOa
 CVQm2W8u3yBoEAxoi81S7WJjR5BY4Sv0LtQJW43VfD4bwYjBz8N72ecnr7LknFNL
 qJXYUu/OWtMLNsSrh2VigXJQgTA9cmJUrItRFamSsfWZGwilL0MpXLrkwcJa5DhO
 25PG3aeJSTX5txI/hl25EY5cyeJPQGX+6Nz9kJag50a7C9ZOCJHIbnle7dFcLsDP
 lCy3VoQnPxEOHe8kmNGLf1tGvv8AIqpJu1a31SlSnbqHEgHFC0XCPXZF0QWDGAaO
 kDt8j6XSCHYDyml5+nkZJBCP6xcx7eXyLJ2CxnNZBabbRGLb/Rj+jeCk9s+jWo/i
 UDgmlibbfjreYVgwuZhQV9QI9GB0Mlv+UjeeK55b2S7WnhuLsMLVrxDVQ1Zl4oR1
 ckOvXBMGrjMaLQTW9Q1xSV6C3PR1oAbVa09YUP0KSAthOu8L/tGY13kT4DwWm1W/
 JBOKzCk/JIfRuOpCrKSftwuj19JKOPYojW8kk10i/48RUq4TiCsCnTtBZI7VvFcB
 B28s/ZGRq/nETqHSRX63/WLr57lU54pq/+7THQA5iUyFhORPYk4=
 =npgJ
 -----END PGP SIGNATURE-----

pull V8.5 changes
 2021-04-02 10:14:32 -07:00
dtucker@openbsd.org 88057eb6df upstream: Add ModuliFile keyword to sshd_config to specify the 
location of the "moduli" file containing the groups for DH-GEX.  This will
allow us to run tests against arbitrary moduli files without having to
install them. ok djm@

OpenBSD-Commit-ID: 8df99d60b14ecaaa28f3469d01fc7f56bff49f66
 2021-03-13 13:14:13 +11:00
djm@openbsd.org 816036f142 upstream: use the new variant log macros instead of prepending 
__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
 2020-10-18 23:46:29 +11:00
bagajjal ffae274ab0
Add Moduli file support (#434) 2020-03-17 10:46:28 -07:00
djm@openbsd.org 823f6c37eb upstream: typo in previous 
OpenBSD-Commit-ID: 7c3b94110864771a6b80a0d8acaca34037c3c96e
 2019-09-08 14:49:04 +10:00
djm@openbsd.org 670104b923 upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@ 
OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
 2019-09-06 17:54:21 +10:00
djm@openbsd.org 81f1620c83 upstream: correct local variable name; from yawang AT microsoft.com 
OpenBSD-Commit-ID: a0c228390856a215bb66319c89cb3959d3af8c87
 2018-11-16 13:51:12 +11:00
millert@openbsd.org 5e532320e9 upstream: When choosing a prime from the moduli file, avoid 
re-using the linenum variable for something that is not a line number to
avoid the confusion that resulted in the bug in rev. 1.64.  This also lets us
pass the actual linenum to parse_prime() so the error messages include the
correct line number.  OK markus@ some time ago.

OpenBSD-Commit-ID: 4d8e5d3e924d6e8eb70053e3defa23c151a00084
 2018-09-20 14:00:11 +10:00
Damien Miller 48f54b9d12 adapt -portable to OpenSSL 1.1x API 
Polyfill missing API with replacement functions extracted from LibreSSL
 2018-09-13 12:13:50 +10:00
djm@openbsd.org 482d23bcac upstream: hold our collective noses and use the openssl-1.1.x API in 
OpenSSH; feedback and ok tb@ jsing@ markus@

OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417
 2018-09-13 12:12:33 +10:00
djm@openbsd.org 967226a1bd upstream: invalidate dh->priv_key after freeing it in error path; 
avoids unlikely double-free later. Reported by Viktor Dukhovni via
https://github.com/openssh/openssh-portable/pull/96 feedback jsing@ tb@

OpenBSD-Commit-ID: e317eb17c3e05500ae851f279ef6486f0457c805
 2018-08-06 11:07:17 +10:00
millert@openbsd.org 6f56fe4b95 upstream: Fix "WARNING: line 6 disappeared in /etc/moduli, giving up" 
when choosing a prime.  An extra increment of linenum snuck in as part of the
conversion to getline().  OK djm@ markus@

OpenBSD-Commit-ID: 0019225cb52ed621b71cd9f19ee2e78e57e3dd38
 2018-07-03 11:08:29 +10:00
markus@openbsd.org 7f90635216 upstream: switch config file parsing to getline(3) as this avoids 
static limits noted by gerhard@; ok dtucker@, djm@

OpenBSD-Commit-ID: 6d702eabef0fa12e5a1d75c334a8c8b325298b5c
 2018-06-07 04:34:05 +10:00
jsing@openbsd.org 7cd31632e3 upstream commit 
Remove all guards for calls to OpenSSL free functions -
all of these functions handle NULL, from at least OpenSSL 1.0.1g onwards.

Prompted by dtucker@ asking about guards for RSA_free(), when looking at
openssh-portable pr#84 on github.

ok deraadt@ dtucker@

OpenBSD-Commit-ID: 954f1c51b94297d0ae1f749271e184141e0cadae
 2018-02-08 09:26:27 +11:00
Marcus Folkesson 6b373e4635 only enable functions in dh.c when openssl is used 
Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
 2017-11-03 13:13:54 +11:00
dtucker@openbsd.org dcc7d74242 upstream commit 
Fix text in error message.  Patch from zev at
bewilderbeest.net.

Upstream-ID: deb0486e175e7282f98f9a15035d76c55c84f7f6
 2016-12-16 13:12:18 +11:00
deraadt@openbsd.org 9136ec134c upstream commit 
Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then
use those definitions rather than pulling <sys/param.h> and unknown namespace
pollution. ok djm markus dtucker

Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
 2016-09-12 13:46:29 +10:00
djm@openbsd.org 0e8eeec8e7 upstream commit 
add support for additional fixed DH groups from
 draft-ietf-curdle-ssh-kex-sha2-03

diffie-hellman-group14-sha256 (2K group)
diffie-hellman-group16-sha512 (4K group)
diffie-hellman-group18-sha512 (8K group)

based on patch from Mark D. Baushke and Darren Tucker
ok markus@

Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
 2016-05-02 20:39:32 +10:00
dtucker@openbsd.org fdfbf4580d upstream commit 
Remove fallback from moduli to "primes" file that was
 deprecated in 2001 and fix log messages referring to primes file.  Based on
 patch from xnox at ubuntu.com via bz#2559.  "kill it" deraadt@

Upstream-ID: 0d4f8c70e2fa7431a83b95f8ca81033147ba8713
 2016-04-01 23:57:14 +11:00
djm@openbsd.org 6e7f68ce38 upstream commit 
rearrange DH public value tests to be a little more clear

rearrange DH private value generation to explain rationale more
clearly and include an extra sanity check.

ok deraadt

Upstream-ID: 9ad8a07e1a12684e1b329f9bd88941b249d4b2ad
 2016-03-04 15:12:16 +11:00
dtucker@openbsd.org 40f64292b9 upstream commit 
Add a stronger (4k bit) fallback group that sshd can use
 when the moduli file is missing or broken, sourced from RFC3526.  bz#2302, ok
 markus@ (earlier version), djm@

Upstream-ID: b635215746a25a829d117673d5e5a76d4baee7f4
 2015-05-28 13:53:13 +10:00
djm@openbsd.org b8afbe2c1a upstream commit 
relax bits needed check to allow
 diffie-hellman-group1-sha1 key exchange to complete for chacha20-poly1305 was
 selected as symmetric cipher; ok markus
 2015-03-27 12:02:23 +11:00
deraadt@openbsd.org 087266ec33 upstream commit 
Reduce use of <sys/param.h> and transition to <limits.h>
 throughout. ok djm markus
 2015-01-26 23:58:53 +11:00
markus@openbsd.org 57d10cbe86 upstream commit 
adapt kex to sshbuf and struct ssh; ok djm@
 2015-01-20 09:19:39 +11:00
Damien Miller 0fde8acdad - djm@cvs.openbsd.org 2013/11/21 00:45:44 
[Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
     [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
     [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
     [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
     cipher "chacha20-poly1305@openssh.com" that combines Daniel
     Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
     authenticated encryption mode.

     Inspired by and similar to Adam Langley's proposal for TLS:
     http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
     but differs in layout used for the MAC calculation and the use of a
     second ChaCha20 instance to separately encrypt packet lengths.
     Details are in the PROTOCOL.chacha20poly1305 file.

     Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
     ok markus@ naddy@
 2013-11-21 14:12:23 +11:00
Darren Tucker df62d71e64 - dtucker@cvs.openbsd.org 2013/10/08 11:42:13 
[dh.c dh.h]
     Increase the size of the Diffie-Hellman groups requested for a each
     symmetric key size.  New values from NIST Special Publication 800-57 with
     the upper limit specified by RFC4419.  Pointed out by Peter Backes, ok
     djm@.
 2013-10-10 10:32:39 +11:00
Damien Miller 0d02c3e10e - markus@cvs.openbsd.org 2013/07/02 12:31:43 
[dh.c]
     remove extra whitespace
 2013-07-18 16:12:06 +10:00
Damien Miller bbeb1dac55 - djm@cvs.openbsd.org 2013/06/21 05:42:32 
[dh.c]
     sprinkle in some error() to explain moduli(5) parse failures
 2013-07-18 16:10:49 +10:00
Damien Miller 8ed4de8f1d - djm@cvs.openbsd.org 2011/12/07 05:44:38 
[auth2.c dh.c packet.c roaming.h roaming_client.c roaming_common.c]
     fix some harmless and/or unreachable int overflows;
     reported Xi Wang, ok markus@
 2011-12-19 10:52:50 +11:00
Darren Tucker 759cb2a49a - grunk@cvs.openbsd.org 2009/10/01 11:37:33 
[dh.c]
     fix a cast
     ok djm@ markus@
 2009-10-07 09:01:50 +11:00
Damien Miller 2e9cf49069 - djm@cvs.openbsd.org 2008/06/26 09:19:40 
[dh.c dh.h moduli.c]
     when loading moduli from /etc/moduli in sshd(8), check that they
     are of the expected "safe prime" structure and have had
     appropriate primality tests performed;
     feedback and ok dtucker@
 2008-06-29 22:47:04 +10:00
Damien Miller 354c48c641 - (djm) OpenBSD CVS Sync 
- djm@cvs.openbsd.org 2008/04/13 00:22:17
     [dh.c sshd.c]
     Use arc4random_buf() when requesting more than a single word of output
     Use arc4random_uniform() when the desired random number upper bound
     is not a power of two
     ok deraadt@ millert@
 2008-05-19 14:50:00 +10:00
Damien Miller 603077ab4c - ray@cvs.openbsd.org 2007/09/27 00:15:57 
[dh.c]
     Don't return -1 on error in dh_pub_is_valid(), since it evaluates
     to true.
     Also fix a typo.
     Initial diff from Matthew Dempsky, input from djm.
     OK djm, markus.
 2007-10-26 14:25:55 +10:00
Darren Tucker b0781f79db - markus@cvs.openbsd.org 2006/11/07 13:02:07 
[dh.c]
     BN_hex2bn returns int; from dtucker@
 2006-11-08 10:01:36 +11:00
Darren Tucker 0bc85579a9 - markus@cvs.openbsd.org 2006/11/06 21:25:28 
[auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
     ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
     add missing checks for openssl return codes; with & ok djm@
 2006-11-07 23:14:41 +11:00
Damien Miller ded319cca2 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c] 
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
 2006-09-01 15:38:36 +10:00
Damien Miller d783435315 - deraadt@cvs.openbsd.org 2006/08/03 03:34:42 
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy")
 2006-08-05 12:39:39 +10:00
Damien Miller a7a73ee35d - stevesk@cvs.openbsd.org 2006/08/01 23:22:48 
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
     [uuencode.h xmalloc.c]
     move #include <stdio.h> out of includes.h
 2006-08-05 11:37:59 +10:00
Damien Miller e7a1e5cf63 - stevesk@cvs.openbsd.org 2006/07/26 13:57:17 
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
     [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
     [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
     [sshconnect1.c sshd.c xmalloc.c]
     move #include <stdlib.h> out of includes.h
 2006-08-05 11:34:19 +10:00
Damien Miller 8dbffe7904 - stevesk@cvs.openbsd.org 2006/07/26 02:35:17 
[atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
     [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
     [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
     [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
     [uidswap.c xmalloc.c]
     move #include <sys/param.h> out of includes.h
 2006-08-05 11:02:17 +10:00
Damien Miller e3476ed03b - stevesk@cvs.openbsd.org 2006/07/22 20:48:23 
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h
 2006-07-24 14:13:33 +10:00
Damien Miller f757d22e8b - stevesk@cvs.openbsd.org 2006/07/18 22:27:55 
[dh.c]
     remove unneeded includes; ok djm@
 2006-07-24 14:05:24 +10:00
Darren Tucker 31cde6828d - djm@cvs.openbsd.org 2006/05/04 14:55:23 
[dh.c]
     tighter DH exponent checks here too; feedback and ok markus@
 2006-05-06 17:43:33 +10:00
Damien Miller 5a73c1a34d - deraadt@cvs.openbsd.org 2006/03/27 13:03:54 
[dh.c]
     use strtonum() instead of atoi(), limit dhg size to 64k; ok djm
 2006-03-31 23:09:41 +11:00
Damien Miller 57c30117c1 - djm@cvs.openbsd.org 2006/03/25 13:17:03 
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
 2006-03-26 14:24:48 +11:00
Damien Miller 928b23684a - djm@cvs.openbsd.org 2006/03/19 02:24:05 
[dh.c readconf.c servconf.c]
     potential NULL pointer dereferences detected by Coverity
     via elad AT netbsd.org; ok deraadt@
 2006-03-26 13:53:32 +11:00
Damien Miller b0fb6872ed - deraadt@cvs.openbsd.org 2006/03/19 18:51:18 
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
 2006-03-26 00:03:21 +11:00
Darren Tucker 9a2bd1116b - djm@cvs.openbsd.org 2004/08/04 10:37:52 
[dh.c]
     return group14 when no primes found - fixes hang on empty /etc/moduli;
     ok markus@
 2004-08-12 22:40:59 +10:00